Automated topology change detection and policy based provisioning and remediation in information technology systems

ABSTRACT

Aspects of the present disclosure involve systems, methods, computer program products, and the like, that provide automated topology change detection and policy based provisioning and remediation in information technology systems, among other functions and advantages.

CROSS-REFERENCE TO RELATED APPLICATION

This non-provisional utility application claims priority under 35 U.S.C.§119(e) to co-pending provisional application No. 61/477,598 titled“Automated Topology Change Detection and Policy Based Provisioning andRemediation in Information Technology Systems,” filed on Apr. 20, 2011,the disclosure of which is hereby incorporated by reference herein.

FIELD OF THE INVENTION

Aspects of the present invention involve information technology systemsand methods and systems for managing the same.

BACKGROUND

Large scale information technology (IT) operational environments arecommon in many different organizations, such as universities,telecommunications companies, professional organizations, and the like.Such large scale IT environments have many common attributes and arefaced with many common issues in managing all of the IT resources. Forexample, large scale IP environments often include geographicallydistributed data centers, hundreds or thousands of physical servers frommultiple vendors, numerous different operating system (OS) variants andversions, increasing use of virtualization to maximize infrastructureutilization and minimize cost, hundreds or thousands of commercial offthe shelf (COTS) and custom application deployments. Moreover, ITprofessionals in such environments, along with the IT environmentitself, are responsible for hundreds of mission critical businessservices, must rapidly set up, provision and tear down environmentsrequired to keep pace with business, and must address legacyinfrastructure and applications inherited through acquisition.

In such an IT environment there are numerous common operationalproblems. For example, large numbers of applications and businessservices are deployed with complex or unknown interdependencies. Lack ofvisibility into current application topologies and dependencies preventseffective implementation of service impact management and service levelmanagement solutions for mission critical applications. Moreover,critical information about IT infrastructure and applications ishistorically maintained manually in multiple locations and formats bymany different people and organizations. Implicit in this recognition isthat critical knowledge about various applications, interdependencies,systems and the like is owned by people. Reductions in IT staff andoff-shoring accelerates loss of knowledge about business criticalapplications and systems exposing companies to significant risk.Similarly, critical information required for operational support is notavailable, updated or otherwise accessible resulting in higher mean timeto repair (MTTR) and cost to business. All of these difficulties areexaggerated by the high level of change in some environments makingmaintenance of current state of operational environment difficult tomanage and costly.

It is with these and other issues in mind that various aspects of thepresent disclosure were developed.

SUMMARY

Aspects of the present disclosure involve systems, methods, computerprogram products, and the like, that provide automated topology changedetection and policy based provisioning and remediation in informationtechnology systems, among other functions and advantages.

One particular aspect of the present disclosure involves a method ofmanaging an information technology system. The method includesautomatically detecting a topology change of a service in an informationtechnology environment. The topology change involves or is otherwiseassociated with a change to at least one component of the service. Themethod further involves automatically provisioning and/or automaticallyremediating the at least one component of the service based on a policy.

Another aspect of the present disclosure involves a system forinformation technology management including one or more processorscoupled with one or more tangible computer readable media containinginstructions, which when executed, perform the operations ofautomatically detecting a topology change of a service in an informationtechnology environment, the topology change involving a change to atleast one component of the service and automatically provisioning orautomatically remediating the at least one component of the servicebased on a policy.

Another aspect of the present disclosure involves a method of managingan information technology system including applying a unique pattern ofa particular service to automatically discovered discovery anddependency mapping of an IT environment in a first state and the ITenvironment in a second state to identify components of the particularservice in the first state and the second state. The method furtherinvolves identifying component topology changes of the particularservice between the first state and the second state. Finally, themethod involves automatically altering some or all components of theservice associated with the topology change based on a policy.

BRIEF DESCRIPTION OF THE DRAWINGS

Example embodiments are illustrated in referenced figures of thedrawings. It is intended that the embodiments and figures disclosedherein are to be considered illustrative rather than limiting.

FIG. 1 is a flowchart illustrating a method of automated topology changedetection and policy based provisioning and remediation in informationtechnology systems;

FIG. 2 is a diagram illustrating a fingerprint of a service;

FIG. 3 is a diagram illustrating an auto-discovered signature (physicalcomponents, applications, operating systems, databases, dependencies,etc.) of the service associated with the fingerprint shown in FIG. 2,the service signature being based on a system wide scan of an ITinfrastructure;

FIG. 4 is a screen shot of extracted memberships of the service of FIG.3, the extracted memberships being associated with some discrete momentin time, such as the time and date of the last IT system scan;

FIG. 5 is a topology change notification page generated by comparing theextracted service memberships at one time against the extractedmemberships of the same service at another time, the topology changenotification page identifying topology changes to the service such asaddition of components, removal of components, changes to components,etc., the topology notification page also identifying items that willexpire within some time frame, and items that have been aged-off;

FIG. 6 is a flowchart illustrating a method of policy based remediationor other changes to any components identified as having changed (e.g.,those listed in FIG. 5) as well as other remediation or alteration of aservice;

FIG. 7 is a flow diagram illustrating one possible workflow toautomatically conduct a remediation of some aspect of a service;

FIG. 8 illustrates an example of a computing device upon whichembodiments of the present invention can be implemented and practiced;

FIG. 9 illustrates a ticketing history of a particular component of aservice;

FIG. 10 is a graph of performance measurements of the particularcomponent of the service and other components, the performance beingmonitored by a performance agent associated with the component andproviding data including percentage utilization of a given processorassociated with the component, the utilization tracked over time;

FIG. 11 is a screen shot illustrating meta-data for a service or acomponent thereof, the metadata including various information concerningthe service or component thereof; and

FIG. 12 is a screen shot of contact information for a given service,which may be dynamically updated along with other information concerningthe service—in this case, updated when the HR system identifies a changeassociated with a given contact, such as phone number change, addresschange, or departure, and may also dynamically change the contactinformation.

DETAILED DESCRIPTION

Aspects of the present disclosure involve information technologyautomation, auto-discovery systems, configuration management,configuration management data quality, and various methods, systems, andcomputer program products concerning the same. One particular aspectinvolves automatic discovery of IT infrastructure (e.g., chassis model,processor cores, installed memory, attached storage, network interfaces,operating systems, applications, databases, etc.) and comparison of theIT infrastructure against one or more fingerprints associated withparticular services of the IT infrastructure. From the comparison,service attributes may be extracted and stored in a configurationmanagement database. The extracted attributes define the state of aparticular service at a given time. Each time an autodiscovery scan iscompleted, the attributes of the service may be extracted and used toidentify any changes to the service (e.g., by comparing against theprevious extracted attributes). Policy based remediation may then beconducted for the service, and particularly for any changed aspect ofthe service.

FIG. 1 is a flowchart illustrating one possible method of automatedtopology change detection and policy based provisioning and remediationin information technology systems. To begin, auto-discovery is conductedagainst some or all of an IT environment (operation 100). Auto-discoveryidentifies various components of the IT infrastructure, includinghardware, software and relationships between various components of theIT infrastructure.

A fingerprint or pattern is applied to the auto-discovered components togenerate a service signature (operation 110). A particular fingerprintor pattern may be generated, obtained or otherwise provided for variousexisting or possible services provided by the IT infrastructure. Forexample, a unique fingerprint may exist for an email service, a uniquefingerprint may exist for a word processing service, and uniquesignatures may exist for numerous other possible services provided bythe IT infrastructure. A fingerprint identifies various attributes of agiven service including software applications, databases, communicationlinks, dependencies, hardware, etc., and the relationships between thesame. Stated differently, a service fingerprint identifies IT componentsinvolved in the provision of a service.

Application of the fingerprint against the auto-discovered ITinfrastructure generates a signature for the service. The signature is acontemporaneous representation of all IT aspects of a particular serviceincluding the software applications installed, software applicationsrunning, the hardware (e.g., servers) upon which the software isinstalled and/or running, operating systems, database instantiations,connections to databases, connections between components, and the like.Thus, a unique service fingerprint is applied against auto-discovered ITinfrastructure components to provide a snapshot of the componentsinvolved in the provision of the service. In one specific arrangement, afingerprint involves a query of the auto-discovered IT components, andany results of the query are exported as an object.

From the signature, the topology of the service is extracted and saved(operation 120). In one example, service memberships are extracted andpopulate a configuration management database. In this way, the topologyof a given service is saved for some point in time. The preceding stepsmay be repeated at some other point in time and the topology for theservice again saved in a configuration management database. Similarly,the topology of the service may exist for the IT infrastructure in afirst state and infrastructure in a second state, where the ITinfrastructure in each state is associated with some alteration. Thus,the topology of a service (or other aspect of the IT infrastructure)exists for two different points in time, and/or states. Accordingly,through comparison (operation 130), topology changes to the service maybe identified. For example, if a database application associated with agiven service is moved from one server to another for some reason, onetopology will provide information associating the database with thefirst server, and the topology obtained after the change will provideinformation associating the database with the second server. The systemwill detect the change and some form of remediation or other work may beperformed on the service components generally or the changed servicecomponents (operation 140). The remediation or other form of change tothe components of the service may be based on an IT policy.

FIG. 2 is a diagram illustrating principles of auto-discovery accordingto aspects of the present disclosure. More particularly, FIG. 2illustrates a diagram of a fingerprint (or pattern) 200 of one possibleservice. In this case, the pattern is for a discovery and dependencymapping service that auto-discovers and defines a signature for aservice according to aspects of this disclosure. Aspects of the presentdisclosure are applicable to various possible services operating in anIT environment, such as applications (e.g., email, document processing),databases, hardware, combinations of the same, and the like.

FIG. 3 is a signature 300 of the service of FIG. 2. The servicesignature is generated based on auto-discovery scan of the ITinfrastructure, which in the example of FIG. 3 is an enterprise widescan, and comparing the service fingerprint to the auto-discoveredcomponents of the IT infrastructure. Hence, FIG. 3 illustratescomponents 310, dependencies 320, and links 330 of a particular service.In one possible implementation, systems and methods conforming to thisdisclosure include provisioning auto-discovery agents throughout the ITinfrastructure, the auto-discovery agents configured to detect andreport changes within the infrastructure.

FIG. 4 is an example of a topology 400 extract based on the informationof FIGS. 2 and 3. In this example, extracts 410 of operating systemmemberships of a service 420 (e.g., discovery and dependency mapping)are illustrated. These memberships may be compared against historicalmemberships from a previous scan. Additionally, changes to the topology(e.g., membership changes) may be identified. Note that not all of theinformation between FIG. 4 and FIG. 3 is identical as the extractedmembers shown in FIG. 4 were identified in a different state of theservice signature shown in FIG. 3.

FIG. 5 illustrates a topology change notification page 500 thatidentifies topology changes to a particular service. The changes to thetopology identify the application 510 and the version of the application520. Also identified is the server 530 where the application resides(loaded and/or running). Finally, the change notification also includethe date and time that the new application was discovered 540 as well asthe date and time when the application was “last seen” 550 through thecurrent or previous scan. If the last seen date precedes the appeareddate, then it is likely the case that the application was removed,uninstalled or other inactivated. Policy based remediation may alsooccur upon such a change.

Referring more specifically the change data shown in FIG. 5, in thethird row, a new application (Probe (vadcddm00001)) was added to theservice since the last scan (see also, FIG. 3, reference number 340).FIG. 5 also illustrates various other applications (and othercomponents) that were identified as having changed since the previousscan.

In one possible arrangement, auto-discovery routines are run at certaintime, and from application of the service signature, a given servicetopology is extracted and saved, with any changes resulting in a changenotification or some other form of change notice is provided. In theexample shown, auto-discovery is conducted on a schedule and any newlyprovisioned applications or other changes that occurred since the lastdiscovery are identified. Auto-discovery can occur on any schedule or atthe time of a change, and will depend on various factors such as theoverall size of the IT environment, the time to conduct a scan andrequirements of the IT organization managing the IT environment, amongother things. Based on auto-discovery, various methods and systemsconforming to aspects of this disclosure may identify changes to aninformation technology infrastructure, such as additions of physicalcomponents (desktop computers, servers, storage, routers, hubs,switches, etc.), alterations of any such systems (software updates,software additions, operating system changes or additions, etc.),dependencies between components and software, physical connectionsbetween components, as well as other additions and changes to the ITinfrastructure, some or all of which may be stored in a configurationmanagement database.

FIG. 6 illustrates one example of policy based remediation that occursfor any component of a service identified as having changed, as well aspossibly for other aspects of a service. It should be noted that policybased remediation and other changes may be performed for a serviceregardless of changes to the topology of the service. Moreover, themethod of FIG. 6 is also applicable to service component provisioning.IT process automation builds on the auto-discovery and service signatureextraction aspects discussed herein. Accordingly, systems and methodsconforming to this disclosure provide an inventory of various possibleservices of an IT infrastructure, and further allow for automaticprovisioning and remediation of the IT infrastructure, or automaticcontrol over such provisioning and/or remediation. In one example,provisioning involves configuring systems and providing users withaccess to data and technology resources (e.g., provides users access todata repositories, grants authorization to network applications anddatabases based on user identification). In another example, remediationinvolves identifying a fault or other problem with the IT infrastructureand correcting the fault. Such IT process automation actions, whetherprovisioning, remediation or otherwise, are based upon an accurate andcomplete picture of the IT infrastructure, and may be driven orotherwise dependent on IT policies.

Examples of policies that may be applied to some or all members of aservice include: ensuring all production operating systems aremonitored, ensuring all production databases are backed-up, ensuringperformance agents are installed on all operating systems and arereporting performance data, ensuring application contacts are current,and executing decommissioning actions for any removed components. Actionmay be taken, based on such policies, using automated workflow andremediation to ensure compliance with policies. Actions may involveautomated remediation (e.g. install monitoring, backup, or performancecollection agents and get them running) or manual steps (e.g. agentwon't install, open ticket with off-shore team to fix).

Referring now in more detail to FIG. 6, the method iterates throughdefined standards and policies for any item (component) identified ashaving changed, although the method may be performed against otheraspects of a service besides those that changed. The method receives asinputs any items identified as having changed, server lists, validationscripts, and correction scripts (operation 600). In one example, foreach standard, a generic automation handler process retrieves the listof changed items or configuration items (CIs) that the standard is to beapplied to. The list is filtered by exclusions, exemptions andexceptions. The method is applied to or otherwise loops through the listof CIs, i.e. the method is applied to each CI.

When the system is properly provisioned, the method proceeds to validatea defect for a particular changed item (operation 610). Stateddifferently, the method invokes a validation script to determine if anyaction (e.g., provisioning or remediation) needs to be taken for the Cl.For example, in the case of a database application, the extractedtopology information may show that a new database application isinstalled (and where), is executing, has a connection to someapplication, but has no set policies. The script is configured toinclude parameters concerning the particular applications policies, aswell as other attributes of the database application that are requiredfor the associated service. For example, the script may include aparameter that a back-up policy must be running for the databaseapplication. Hence, the validation script identifies that the policysettings for the new database application are incorrect.

Any systems that pass validation are marked as compliant (operation620). For systems that fail validation (e.g., incorrect policy setting),correction scripts are invoked to remediate the exception (operation630). Continuing with the above database example, a script is run toinvoke the back-up policy for the database application. FIG. 7,discussed herein, also provides one specific example of an automatedworkflow for performing remediation. Validation is then re-run followingcorrective action and systems that pass are marked as compliant(operation 640, operation 630). For example, the method will check tothe new database application to ensure the back-up policy is now active.Should the validation fail, the method may automatically open a ticketfor systems that continue to fail validation after remediation isattempted (operation 650). Once the ticket is closed, validation will berun again and passing systems marked as compliant (operation 660). Whena ticket is opened, it is possible that an IT professional may manuallycorrect the problem (e.g., activate the back-up policy for thedatabase).

FIG. 7 illustrates one particular method (or workflow) and system ofautomatic policy based remediation of changed components of a particularservice. Initially, automation obtains a list of servers, an HPSA serverscript for validation (or other validation script), an HPSA serverscript for correction (or other correction script), and a standard torecord metrics against. Next, an integrator module will step through thelist of severs, and run a validation script. When a validation fails,the appropriate correction script is run. The process proceeds for allservers, and will complete upon successful validation of all serversand/or a corrective action has been attempted. Metrics in this regardare recorded, and compared against the standard to identify the efficacyof the process. It is also possible to determine how long the IT processautomation takes for each server.

IT process automation may be used in various different cases, such asOSS credentials provisioning, OSS agent provisioning, and configurationmanagement data integrity. OSS credentials provisioning may includeadministrative credentials, application specific credentials, andauto-discovery credentials. OSS agent provisioning may include OpswareSA agent deployment, OVO fault monitoring agent deployment, backup agentdeployment, and performance data collection agent deployment. Finally,configuration data integrity may include new chassis detect locate,chassis decom, new virtual detect, and service topology change detect.

FIG. 8 is a schematic diagram of a computing device 700 upon whichembodiments of the present invention may be implemented and carried out.For example, one or more computing devices 700 or similar devices cancarry out one or more of the operations shown in the various figuresshown herein. As discussed herein, embodiments of the present disclosureinclude various steps or operations. A variety of these steps may beperformed by hardware components or may be embodied inmachine-executable instructions, which may be used to cause ageneral-purpose or special-purpose processor programmed with theinstructions to perform the operations. Alternatively, the steps may beperformed by a combination of hardware, software, and/or firmware.

According to the present example, the computing device 700 includes abus 701, at least one processor 702, at least one communication port703, a main memory 704, a removable storage media 705, a read onlymemory 706, and a mass storage 707. Processor(s) 702 can be any knowprocessor, such as, but not limited to, an Intel®, Itanium® or Itanium2® processor(s), AMD® Opteron® or Athlon MP® processor(s), or Motorola®lines of processors. Communication port(s) 703 can be any of an RS-232port for use with a modem based dialup connection, a 10/100 Ethernetport, a Gigabit port using copper or fiber, or a USB port. Communicationport(s) 703 may be chosen depending on a network such a Local AreaNetwork (LAN), Wide Area Network (WAN), or any network to which thecomputing device 700 connects. The computing device 700 may be incommunication with peripheral devices (not shown) such as, but notlimited to, printers, speakers, cameras, microphones, or scanners.

Main memory 704 can be Random Access Memory (RAM), or any other dynamicstorage device(s) commonly known in the art. Read only memory 706 can beany static storage device(s) such as Programmable Read Only Memory(PROM) chips for storing static information such as instructions forprocessor 702. Mass storage 707 can be used to store information andinstructions. For example, hard disks such as the Adaptec® family ofSCSI drives, an optical disc, an array of disks such as RAID, such asthe Adaptec family of RAID drives, or any other mass storage devices maybe used.

Bus 701 communicatively couples processor(s) 702 with the other memory,storage and communication blocks. Bus 701 can be a PCI/PCI-X, SCSI, orUSB based system bus (or other) depending on the storage devices used.Removable storage media 705 can be any kind of external hard-drives,floppy drives, IOMEGA® Zip Drives, Compact Disc-Read Only Memory(CD-ROM), Compact Disc-Re-Writable (CD-RW), Digital Video Disk-Read OnlyMemory (DVD-ROM).

Embodiments of the present disclosure include various steps, which aredescribed in this specification. The steps may be performed by hardwarecomponents or may be embodied in machine-executable instructions, whichmay be used to cause a general-purpose or special-purpose processorprogrammed with the instructions to perform the steps. Alternatively,the steps may be performed by a combination of hardware, software and/orfirmware.

Embodiments of the present disclosure may be provided as a computerprogram product, which may include a machine-readable medium havingstored thereon instructions, which may be used to program a computer (orother electronic devices) to perform a process. The machine-readablemedium may include, but is not limited to, floppy diskettes, opticaldisks, compact disc read-only memories (CD-ROMs), and magneto-opticaldisks, ROMs, random access memories (RAMs), erasable programmableread-only memories (EPROMs), electrically erasable programmableread-only memories (EEPROMs), magnetic or optical cards, flash memory,or other type of media/machine-readable medium suitable for storingelectronic instructions.

Various modifications and additions can be made to the exemplaryembodiments discussed without departing from the scope of the presentinvention. For example, while the embodiments described above refer toparticular features, the scope of this invention also includesembodiments having different combinations of features and embodimentsthat do not include all of the described features. Accordingly, thescope of the present invention is intended to embrace all suchalternatives, modifications, and variations together with allequivalents thereof.

1. A method of managing an information technology system comprising:automatically detecting, using at least one processor, a topology changeof a service in an information technology environment, the topologychange involving a change to at least one component of the service; andat least one of automatically provisioning or automatically remediatingthe at least one component of the service based on a policy.
 2. Themethod of claim 1 wherein automatically detecting a topology change of aservice in an information technology environment, the topology changeinvolving a change to at least one component of the service comprises:obtaining a first auto-discovery scan of the information technologyenvironment; obtaining a pattern for the service; applying the patternto the auto-discovery scan to obtain a first information technologytopology of the service.
 3. The method of claim 2 further comprising:obtaining a second auto-discovery scan of the information technologyenvironment at a time different from the first scan; applying thepattern to the second auto-discovery scan to obtain a second informationtechnology topology of the service; and automatically detecting thetopology change of the service by identifying differences between thefirst auto-discovery scan and the second auto-discovery scan.
 4. Themethod of claim 3 wherein each scan comprises a discovery and dependencymapping of the IT environment, and further comprising: generating afirst signature for the service, the first signature for the serviceincluding a first discovery and dependency mapping of the IT environmentrelevant to the service; extracting service memberships of the servicefrom the first signature to generate the first information technologytopology, and saving the first information technology topology to aconfiguration management database; generating a second signature for theservice, the second signature for the service including a seconddiscovery and dependency mapping of the IT environment relevant to theservice; extracting service memberships of the service from the secondsignature to generate the second information technology topology, andsaving the second information technology topology to a configurationmanagement database; and automatically detecting the topology change ofthe service by comparing the first information technology topology withthe second information technology topology.
 5. The method of claim 1further comprising: executing an automatic remediation operation, usingat least one processor, to conform the at least one component of theservice to the policy when the at least one component does not conformto the policy.
 6. The method of claim 5 further comprising: executing anautomated workflow to perform execution of the automatic remediationoperation.
 7. The method of claim 5 further comprising: automaticallyopening a ticket for manual remediation of the at least one component ofthe service to conform the component to the policy when the automaticremediation of the component to conform to the policy fails.
 8. Themethod of claim 5 wherein the policy comprises one or more of a back-uppolicy, a monitoring policy, a performance data gathering policy, adecommissioning policy, and a contact policy.
 9. The method of claim 1further comprising: executing an automatic provisioning operation toprovision the at least one component of the service in conformance withthe policy.
 10. A method of managing an information technology systemcomprising: applying a unique pattern of a particular service toautomatically discovered discovery and dependency mapping of an ITenvironment in a first state and the IT environment in a second state toidentify components of the particular service in the first state and thesecond state; identifying component topology changes of the particularservice between the first state and the second state; automaticallyaltering some or all components of the service associated with thetopology change based on a policy.
 11. A system for informationtechnology management comprising: one or more processors coupled withone or more tangible computer readable media containing instructions,which when executed, perform the operations of: automatically detectinga topology change of a service in an information technology environment,the topology change involving a change to at least one component of theservice; and at least one of automatically provisioning or automaticallyremediating the at least one component of the service based on a policy.12. The system of claim 11 wherein the operation of automaticallydetecting a topology change of a service in an information technologyenvironment, the topology change involving a change to at least onecomponent of the service comprises: obtaining a first auto-discoveryscan of the information technology environment; obtaining a pattern forthe service; applying the pattern to the auto-discovery scan to obtain afirst information technology topology of the service.
 13. The system ofclaim 2 wherein the one or more processors coupled with one or moretangible computer readable media containing instructions, which whenexecuted, perform the operations of: obtaining a second auto-discoveryscan of the information technology environment at a time different fromthe first scan; applying the pattern to the second auto-discovery scanto obtain a second information technology topology of the service; andautomatically detecting the topology change of the service byidentifying differences between the first auto-discovery scan and thesecond auto-discovery scan.
 14. The system of claim 13 wherein each scancomprises a discovery and dependency mapping of the IT environment, andwherein the one or more processors coupled with one or more tangiblecomputer readable media containing instructions, which when executed,perform the operations of: generating a first signature for the service,the first signature for the service including a first discovery anddependency mapping of the IT environment relevant to the service;extracting service memberships of the service from the first signatureto generate the first information technology topology, and saving thefirst information technology topology to a configuration managementdatabase; generating a second signature for the service, the secondsignature for the service including a second discovery and dependencymapping of the IT environment relevant to the service; extractingservice memberships of the service from the second signature to generatethe second information technology topology, and saving the secondinformation technology topology to a configuration management database;and automatically detecting the topology change of the service bycomparing the first information technology topology with the secondinformation technology topology.
 15. The system of claim 11 wherein theone or more processors coupled with one or more tangible computerreadable media containing instructions, which when executed, perform theoperations of: executing an automatic remediation operation to conformthe at least one component of the service to the policy when the atleast one component does not conform to the policy.
 16. The system ofclaim 15 wherein the one or more processors coupled with one or moretangible computer readable media containing instructions, which whenexecuted, perform the operations of: executing an automated workflow toperform execution of the automatic remediation operation.
 17. The systemof claim 15 wherein the one or more processors coupled with one or moretangible computer readable media containing instructions, which whenexecuted, perform the operations of: automatically opening a ticket formanual remediation of the at least one component of the service toconform the component to the policy when the automatic remediation ofthe component to conform to the policy fails.
 18. The system of claim 15wherein the policy comprises one or more of a back-up policy, amonitoring policy, a performance data gathering policy, adecommissioning policy, and a contact policy.
 19. The method of claim 1wherein the one or more processors coupled with one or more tangiblecomputer readable media containing instructions, which when executed,perform the operations of: executing an automatic provisioning operationto provision the at least one component of the service in conformancewith the policy.
 20. A tangible computer readable media containing oneor more executable instructions configured to perform the method ofclaim 10.